[LLVMbugs] [Bug 15137] New: -fsanitize=address false positive in sscanf
bugzilla-daemon at llvm.org
Fri Feb 1 04:45:34 PST 2013
http://llvm.org/bugs/show_bug.cgi?id=15137
Bug #: 15137
Summary: -fsanitize=address false positive in sscanf
Product: new-bugs
Version: trunk
Platform: PC
OS/Version: Windows NT
Status: NEW
Severity: enhancement
Priority: P
Component: new bugs
AssignedTo: unassignedbugs at nondot.org
ReportedBy: joerg.richter at pdv-fs.de
CC: llvmbugs at cs.uiuc.edu
Classification: Unclassified
cat > t.cc <<EOF
#include <cstdio>
int main()
{
  int d;
  char c;
  sscanf( "a12", "%c%d", &c, &d );
}
EOF
clang -o t t.cc -fsanitize=address
t
######
Gives:
=================================================================
==9879== ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ffffb5c2061 at pc 0x4113ec bp 0x7ffffb5c1ed0 sp 0x7ffffb5c1e60
...
Address 0x7ffffb5c2061 is located at offset 97 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'd'
[96, 97) 'c'
...
From [1]:
c
Matches a sequence of bytes of the number specified by the field width (1
if no field width is present in the conversion specification). No null byte is
added.
(Tested in trunk from 2013-01-25)
[1]: http://pubs.opengroup.org/onlinepubs/9699919799/functions/scanf.html
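Added example, not part of the original report and not AddressSanitizer code: a simplified C model of the store-size rule the report cites from POSIX, where `%c` writes exactly field-width bytes (1 by default) with no null byte, while `%s` writes its width plus a terminator. The names `scanf_store_sizes` and `STORE_UNBOUNDED` are hypothetical, and only `%c`, `%s` and basic integer conversions are modelled.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

#define STORE_UNBOUNDED ((size_t)-1)   /* %s with no field width */

/* Constructed model, not sanitizer code. For each directive in a scanf
 * format that stores through a pointer, record how many bytes the call may
 * write. Models %c, %s and %d/%i/%u/%x with hh/h/l/ll only. Returns the
 * number of stores, or -1 for anything this sketch does not model. */
int scanf_store_sizes(const char *fmt, size_t *out, int max)
{
    int n = 0;
    while (*fmt) {
        if (*fmt++ != '%') continue;
        if (*fmt == '%') { fmt++; continue; }          /* literal percent */
        int suppress = (*fmt == '*');                  /* %*c stores nothing */
        if (suppress) fmt++;
        size_t width = 0;                              /* 0 = no field width */
        while (isdigit((unsigned char)*fmt))
            width = width * 10 + (size_t)(*fmt++ - '0');
        size_t isz = sizeof(int);
        int mod = 1;
        if (fmt[0] == 'h' && fmt[1] == 'h') { isz = sizeof(char); fmt += 2; }
        else if (fmt[0] == 'l' && fmt[1] == 'l') { isz = sizeof(long long); fmt += 2; }
        else if (*fmt == 'h') { isz = sizeof(short); fmt++; }
        else if (*fmt == 'l') { isz = sizeof(long); fmt++; }
        else mod = 0;
        size_t sz;
        switch (*fmt++) {
        case 'c': if (mod) return -1; sz = width ? width : 1; break; /* no NUL */
        case 's': if (mod) return -1;
                  sz = width ? width + 1 : STORE_UNBOUNDED; break;   /* + NUL */
        case 'd': case 'i': case 'u': case 'x': sz = isz; break;
        default:  return -1;
        }
        if (suppress) continue;
        if (n == max) return -1;
        out[n++] = sz;
    }
    return n;
}

int main(void)
{
    size_t sz[4];
    int n = scanf_store_sizes("%c%d", sz, 4);          /* format from the report */
    for (int i = 0; i < n; i++)
        printf("store %d: %zu byte(s)\n", i, sz[i]);
    return 0;
}
```

For the report's `"%c%d"` the model gives a 1-byte store into `c`, which fits the `[96, 97)` object; a check that budgeted a terminator for `%c` would reach offset 97, the address shown in the report.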